1. Open the Registry Editor.
2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PortalProtect\CurrentVersion.
3. Modify/Create the following key:

   Name: ABOLEScanLayer (to enable OLE Scan feature)
   Type: Dword (32Bit Value)
   Value: 0 – 20

   Where:

   0: means disabled
   1-20: means enabled & max scan layer

   Example:

   ABOLEScanLayer = 1

4. You can also specify the file types to be scanned for OLE:
   1. Add the registry below:

      Path: [HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PortalProtect\CurrentVersion]
      Key: ABOLEContainerTypes (to specify file types to be Scanned for OLE)
      Type: REG_SZ
      Value: ";" separated VSAPI file types (e.g. 1;2;4)

      ABOLEContainerTypes, string, type ID list of VSAPI supported OLE container files. The default value is “1;2;4;30;4045;6015”:

      1 = Word
      2 = PowerPoint
      4 = Excel
      30 = Project
      4045 = Office 2007 files
      6015 = pdf

   2. If you want to support a ZIP file as an OLE container file, add "4003" to ABOLEContainerTypes.

      Example:

      ABOLEContainerTypes=1;2;4;30;4045;6015;4003

   3. Restart PP_Master service.
5. It is necessary to enable "Block file types or names within compressed files" in the Attachment Blocking policy from the PortalProtect web UI for this to take effect.

By default, Attachment Blocking OLE Scan will check the following file types:

• Word
• Powerpoint
• Excel
• Project
• Office 2007 files
• PDF

To customize which file types will be scanned, perform the following steps:

1. In the Registry Editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PortalProtect\CurrentVersion
2. Create the following key:

   Name: ABOLEContainerTypes (to specify file types to be Scanned for OLE)
   Type: REG_SZ
   Value:

   Value	File Type
   1	Word
   2	Powerpoint
   4	Excel
   30	Project
   4045	Office 2007 files
   6015	pdf

    

   Separate multiple values using semi-colon (;).